Open pwndad opened 6 years ago
Cobalt got the same "ambiguous" powershell issue, since they use your code: https://blog.cobaltstrike.com/2018/05/24/powershell-shellcode-injection-on-win-10-v1803/
However, this genious fix from @CG-root for Invoke-Mimikatz solves the issue for Invoke-Shellcode as well: https://github.com/mitre/caldera/issues/38#issuecomment-396055260
Cobalt got the same "ambiguous" powershell issue, since they use your code: https://blog.cobaltstrike.com/2018/05/24/powershell-shellcode-injection-on-win-10-v1803/
However, this genious fix from @CG-root for Invoke-Mimikatz solves the issue for Invoke-Shellcode as well: https://github.com/mitre/caldera/issues/38#issuecomment-396055260